iCloud backups of Apple devices aren’t encrypted, and Apple supply these and iCloud photos to valid legal requests.
Pointing that one out as there seems to be a fundamental misunderstanding there.
25
171
742
Conversation
Replying to
The alternative would be that you couldn’t use your iCloud account to restore your data if you lost your phone / forgot your password.
I’m not saying it’s great that they therefore can read your data, but it’s a trade off…
2
1
2
Entirely possible to require users set up restoration methods in order to enable it.
For example, security keys, physically recording a seed phrase by writing it down or using a more durable approach, etc.
Can require multiple options to enable it and do occasional reminders.
1
Enabling it by default would make it easy to lose data but offering the option with the requirement to set up recovery methods is a different story.
When adding a new device, it can ask for one of the recovery methods for pairing + making sure they still have them available.
1
An option, totally agree 🙂
My point is that probably most people wouldn’t want to loose all their data if they lost their password. Even worse, turn on something like this without understanding it, loosing their secret, then blaming Apple.
1
Most people may not want that, but a lot of people would want to use the option. That's how it works with Bitcoin wallets where people can manage/store their own keys and use backup solutions like cryptosteel.com/product/crypto rather than just writing down the seed phase on paper.
1
1
The backup feature in GrapheneOS uses a BIP39 seed phrase like a Bitcoin wallet so it's compatible with those storage mechanisms. It asks the user to write it down / record it and then asks it to be entered, demonstrating they did actually back it up. Up to them beyond that.
Security keys an are a option where people don't actually have to manually write it down. It only costs a few dollars to produce those and they could be bundled with other products. Nice having at least one physical backup that's not digital though.
1
1
And continuing with Bitcoin as an example, it's true that a lot of people simply trust exchanges to hold onto their money. It's possible that even most Bitcoin users do that.
However, a LOT of people do own / control their own keys and the seed phrase approach works really well.
2
2
Show replies